From cd3ef0a0d2357dcae7c52244f54893e6f3309208 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Wed, 30 May 2001 02:11:29 +0000 Subject: [PATCH] Remove ipf. Darren Reed has interpreted his (old, new, whichever) licence in a way that makes ipf not free according to the rules we established over 5 years ago, at www.openbsd.org/goals.html (and those same basic rules govern the other *BSD projects too). Specifically, Darren says that modified versions are not permitted. But software which OpenBSD uses and redistributes must be free to all (be they people or companies), for any purpose they wish to use it, including modification, use, peeing on, or even integration into baby mulching machines or atomic bombs to be dropped on Australia. Furthermore, we know of a number of companies using ipf with modification like us, who are now in the same situation, and we hope that some of them will work with us to fill this gap that now exists in OpenBSD (temporarily, we hope). --- src/etc/Makefile | 8 +++----- src/etc/changelist | 4 +--- src/etc/etc.alpha/MAKEDEV | 14 ++------------ src/etc/etc.amiga/MAKEDEV | 17 +++-------------- src/etc/etc.arc/MAKEDEV | 13 ++----------- src/etc/etc.hp300/MAKEDEV | 13 ++----------- src/etc/etc.hppa/MAKEDEV | 13 ++----------- src/etc/etc.i386/MAKEDEV | 13 ++----------- src/etc/etc.mac68k/MAKEDEV | 12 +----------- src/etc/etc.mvme68k/MAKEDEV | 15 +++------------ src/etc/etc.mvme88k/MAKEDEV | 13 ++----------- src/etc/etc.pc532/MAKEDEV | 13 ++----------- src/etc/etc.pmax/MAKEDEV | 13 ++----------- src/etc/etc.powerpc/MAKEDEV | 13 ++----------- src/etc/etc.sparc/MAKEDEV | 13 +------------ src/etc/etc.sun3/MAKEDEV | 13 +------------ src/etc/etc.vax/MAKEDEV | 8 ++------ src/etc/ipf.rules | 11 ----------- src/etc/ipnat.rules | 6 ------ src/etc/mtree/special | 3 +-- src/etc/netstart | 18 +----------------- src/etc/newsyslog.conf | 4 +--- src/etc/rc | 6 +----- src/etc/rc.conf | 7 +------ src/etc/syslog.conf | 6 +++--- 25 files changed, 41 insertions(+), 228 deletions(-) delete mode 100644 src/etc/ipf.rules delete mode 100644 src/etc/ipnat.rules diff --git a/src/etc/Makefile b/src/etc/Makefile index 707ce570..d92d2292 100644 --- a/src/etc/Makefile +++ b/src/etc/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.121 2001/05/14 14:39:39 hin Exp $ +# $OpenBSD: Makefile,v 1.122 2001/05/30 02:11:04 deraadt Exp $ TZDIR= /usr/share/zoneinfo LOCALTIME= US/Pacific @@ -15,8 +15,8 @@ BINGRP= wheel BIN1= bootptab changelist ccd.conf csh.cshrc csh.login csh.logout \ daily dhcpd.conf dhcpd.interfaces dm.conf exports ftpusers \ ftpchroot gettytab group hosts hosts.lpd inetd.conf \ - ipf.rules ksh.kshrc locate.rc man.conf monthly motd mrouted.conf \ - myname ipnat.rules netstart networks newsyslog.conf passwd.conf \ + ksh.kshrc locate.rc man.conf monthly motd mrouted.conf \ + myname netstart networks newsyslog.conf passwd.conf \ phones printcap protocols rbootd.conf rc rc.conf rc.local \ rc.securelevel rc.shutdown remote rpc security services \ shells syslog.conf weekly etc.${MACHINE}/disktab dhclient.conf \ @@ -187,8 +187,6 @@ distribution-etc-root-var: distrib-dirs ${DESTDIR}/var/log/daemon ${INSTALL} -c -o ${BINOWN} -g wheel -m 640 /dev/null \ ${DESTDIR}/var/log/ftpd - ${INSTALL} -c -o ${BINOWN} -g wheel -m 640 /dev/null \ - ${DESTDIR}/var/log/ipflog ${INSTALL} -c -o ${BINOWN} -g wheel -m 644 /dev/null \ ${DESTDIR}/var/log/lastlog ${INSTALL} -c -o ${BINOWN} -g wheel -m 640 /dev/null \ diff --git a/src/etc/changelist b/src/etc/changelist index 4e7d6145..8e060f08 100644 --- a/src/etc/changelist +++ b/src/etc/changelist @@ -1,4 +1,4 @@ -# $OpenBSD: changelist,v 1.16 2001/05/04 15:57:11 millert Exp $ +# $OpenBSD: changelist,v 1.17 2001/05/30 02:11:05 deraadt Exp $ # # List of files which the security script backs up and checks # for modifications. @@ -33,8 +33,6 @@ /etc/hosts.equiv /etc/hosts.lpd /etc/inetd.conf -/etc/ipf.rules -/etc/ipnat.rules /etc/locate.rc /etc/mail.rc /etc/mailer.conf diff --git a/src/etc/etc.alpha/MAKEDEV b/src/etc/etc.alpha/MAKEDEV index 3b6a8ab8..8a87f1a8 100644 --- a/src/etc/etc.alpha/MAKEDEV +++ b/src/etc/etc.alpha/MAKEDEV @@ -1,5 +1,5 @@ #!/bin/sh - -# $OpenBSD: MAKEDEV,v 1.51 2001/05/14 07:56:36 deraadt Exp $ +# $OpenBSD: MAKEDEV,v 1.52 2001/05/30 02:11:11 deraadt Exp $ # $NetBSD: MAKEDEV,v 1.8.4.1 1996/06/18 00:41:56 cgd Exp $ # # Copyright (c) 1990 The Regents of the University of California. @@ -82,7 +82,6 @@ # *random inkernal random data source # uk* SCSI Unknown device # ss* SCSI scanners -# ipl IP filter log PATH=/sbin:/bin:/usr/bin:/usr/sbin this=$0 @@ -159,7 +158,7 @@ all) sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 sh $this tun0 tun1 tun2 tun3 sh $this ttyB0 ttyB1 tty00 tty01 lkm - sh $this mmclock lpa0 lpt0 random ipl + sh $this mmclock lpa0 lpt0 random sh $this uk0 uk1 ss0 ss1 sh $this ttyc0 ttyc1 ttyc2 ttyc3 ttyc4 ttyc5 ttyc6 ttyc7 sh $this local xfs0 @@ -538,15 +537,6 @@ random|srandom|urandom|prandom|arandom) chmod 644 random srandom urandom prandom arandom ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 35 0 - mknod ipnat c 35 1 - mknod ipstate c 35 2 - mknod ipauth c 35 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - uk*) rm -f uk$unit mknod uk$unit c 33 $unit diff --git a/src/etc/etc.amiga/MAKEDEV b/src/etc/etc.amiga/MAKEDEV index dbd56c36..03d01783 100644 --- a/src/etc/etc.amiga/MAKEDEV +++ b/src/etc/etc.amiga/MAKEDEV @@ -1,5 +1,5 @@ #!/bin/sh - -# $OpenBSD: MAKEDEV,v 1.46 2001/04/10 03:03:50 brad Exp $ +# $OpenBSD: MAKEDEV,v 1.47 2001/05/30 02:11:12 deraadt Exp $ # $NetBSD: MAKEDEV,v 1.21 1996/05/19 21:03:49 veego Exp $ # # Copyright (c) 1990 The Regents of the University of California. @@ -86,7 +86,6 @@ # lkm loadable kernel modules interface # bpf* Berkeley Packet Filter # tun* network tunnel driver -# ipf IP filter # ss* SCSI scanners # uk* SCSI Unknown device # *random inkernal random data source @@ -168,7 +167,7 @@ all) sh $this vnd0 vnd1 vnd2 vnd3 vnd4 vnd5 vnd6 cd0 cd1 fd0 fd1 fd2 fd3 sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 sh $this view00 view01 view02 view03 view04 view05 pty0 pty1 - sh $this lpa0 lpa1 lpt0 lpt1 lpt2 ipl + sh $this lpa0 lpa1 lpt0 lpt1 lpt2 sh $this ccd0 ccd1 ccd2 ccd3 wd0 wd1 ch0 uk0 uk1 sh $this tun0 tun1 par0 lkm ss0 random audio0 xfs0 local ;; @@ -182,7 +181,7 @@ floppy|ramdisk) std) rm -f console drum kmem mem reload null zero tty - rm -f klog stdin stdout stderr ipf ksyms + rm -f klog stdin stdout stderr ksyms mknod console c 0 0 mknod drum c 3 0 ; chmod 640 drum ; chown root.kmem drum mknod kmem c 2 1 ; chmod 640 kmem ; chown root.kmem kmem @@ -195,7 +194,6 @@ std) mknod stdin c 21 0 ; chmod 666 stdin mknod stdout c 21 1 ; chmod 666 stdout mknod stderr c 21 2 ; chmod 666 stderr - mknod ipf c 34 0 ; chmod 444 ipf mknod ksyms c 42 0 ; chmod 640 ksyms ; chown root.kmem ksyms ;; @@ -598,15 +596,6 @@ lpt*|lpa*) chown root.wheel $name$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 34 0 - mknod ipnat c 34 1 - mknod ipstate c 34 2 - mknod ipauth c 34 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) unit=`expr $i : 'tun\(.*\)'` rm -f tun$unit diff --git a/src/etc/etc.arc/MAKEDEV b/src/etc/etc.arc/MAKEDEV index 4881e9a6..459cb6e5 100644 --- a/src/etc/etc.arc/MAKEDEV +++ b/src/etc/etc.arc/MAKEDEV @@ -1,5 +1,5 @@ #!/bin/sh - -# $OpenBSD: MAKEDEV,v 1.34 2000/03/22 08:08:52 niklas Exp $ +# $OpenBSD: MAKEDEV,v 1.35 2001/05/30 02:11:13 deraadt Exp $ # @(#)MAKEDEV 8.1 (Berkeley) 6/9/93 # @@ -122,7 +122,7 @@ all) sh $this ccd0 ccd1 ccd2 xfs0 sh $this vnd0 vnd1 vnd2 vnd3 tty00 tty01 tty02 tty03 pty0 pty1 sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 - sh $this ipl tun0 tun1 tun2 + sh $this tun0 tun1 tun2 sh $this ttyC0 lpt0 pms0 random uk0 uk1 local joy0 joy1 ;; @@ -236,15 +236,6 @@ bpf*|tun*) chown root.wheel $name$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 31 0 - mknod ipnat c 31 1 - mknod ipstate c 31 2 - mknod ipauth c 31 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - rd*) umask 2 ; unit=`expr $i : '.*d\(.*\)'` mknod rd${unit}a b 8 `expr $unit '*' 16 + 0` diff --git a/src/etc/etc.hp300/MAKEDEV b/src/etc/etc.hp300/MAKEDEV index 62621ea4..5a338d90 100644 --- a/src/etc/etc.hp300/MAKEDEV +++ b/src/etc/etc.hp300/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.31 2000/03/22 07:34:28 niklas Exp $ +# $OpenBSD: MAKEDEV,v 1.32 2001/05/30 02:11:15 deraadt Exp $ # $NetBSD: MAKEDEV,v 1.12 1995/11/05 23:50:22 thorpej Exp $ # # Copyright (c) 1990 The Regents of the University of California. @@ -102,7 +102,7 @@ all) sh MAKEDEV sd0 sd1 sd2 rd0 rd1 pty0 vnd0 vnd1 vnd2 vnd3 sh MAKEDEV hil grf0 apci0 ppi0 ite0 dca0 dcm0 dcm1 dcm2 dcm3 sh MAKEDEV bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 - sh MAKEDEV ipl tun0 tun1 tun2 tun3 lkm random xfs0 + sh MAKEDEV tun0 tun1 tun2 tun3 lkm random xfs0 sh MAKEDEV local ;; @@ -189,15 +189,6 @@ bpf*) chown root.wheel bpf$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 33 0 - mknod ipnat c 33 1 - mknod ipstate c 33 2 - mknod ipauth c 33 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) unit=`expr $i : 'tun\(.*\)'` rm -f tun$unit diff --git a/src/etc/etc.hppa/MAKEDEV b/src/etc/etc.hppa/MAKEDEV index 377202ae..fafebe24 100644 --- a/src/etc/etc.hppa/MAKEDEV +++ b/src/etc/etc.hppa/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.3 2000/03/22 08:08:53 niklas Exp $ +# $OpenBSD: MAKEDEV,v 1.4 2001/05/30 02:11:16 deraadt Exp $ # @(#)MAKEDEV 5.5 (Berkeley) 5/28/91 # # Device "make" file. Valid arguments: @@ -105,7 +105,7 @@ all) sh MAKEDEV sd0 sd1 sd2 rd0 rd1 pty0 vnd0 vnd1 vnd2 vnd3 sh MAKEDEV hil com0 com1 com2 com3 sh MAKEDEV bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 - sh MAKEDEV ipl tun0 tun1 tun2 tun3 lkm random xfs0 + sh MAKEDEV tun0 tun1 tun2 tun3 lkm random xfs0 sh MAKEDEV local ;; @@ -181,15 +181,6 @@ bpf*) chown root.wheel bpf$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 21 0 - mknod ipnat c 21 1 - mknod ipstate c 21 2 - mknod ipauth c 21 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) unit=${i##*[a-z]} rm -f tun$unit diff --git a/src/etc/etc.i386/MAKEDEV b/src/etc/etc.i386/MAKEDEV index b12abaaa..b707769c 100644 --- a/src/etc/etc.i386/MAKEDEV +++ b/src/etc/etc.i386/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.93 2001/05/14 07:42:18 deraadt Exp $ +# $OpenBSD: MAKEDEV,v 1.94 2001/05/30 02:11:17 deraadt Exp $ # $NetBSD: MAKEDEV,v 1.40 1996/03/31 00:50:47 perry Exp $ # # Copyright (c) 1990 The Regents of the University of California. @@ -189,7 +189,7 @@ all) sh $this ttyC0 ttyC1 ttyC2 ttyC3 ttyC4 ttyC5 ttyC6 ttyC7 ttyC8 ttyC9 sh $this ttyCa ttyCb sh $this wscons - sh $this ipl tun0 tun1 tun2 + sh $this tun0 tun1 tun2 sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 sh $this speaker lkm audio0 joy0 joy1 apm local sh $this random ses0 uk0 uk1 ss0 ss1 pctr bktr0 tuner0 wdt0 @@ -562,15 +562,6 @@ bpf*|tun[0-9]*) chown root.wheel $name$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 44 0 - mknod ipnat c 44 1 - mknod ipstate c 44 2 - mknod ipauth c 44 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - speaker) # (XXX - installed) rm -f speaker mknod speaker c 27 0 diff --git a/src/etc/etc.mac68k/MAKEDEV b/src/etc/etc.mac68k/MAKEDEV index d27a0a8f..4567d581 100644 --- a/src/etc/etc.mac68k/MAKEDEV +++ b/src/etc/etc.mac68k/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.31 2000/03/22 07:34:29 niklas Exp $ +# $OpenBSD: MAKEDEV,v 1.32 2001/05/30 02:11:19 deraadt Exp $ # # Copyright (c) 1990 The Regents of the University of California. # All rights reserved. @@ -139,7 +139,6 @@ all) sh $this adb asc0 grf0 grf1 grf2 grf3 ttye0 sh $this tty00 tty01 pty0 sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 - sh $this ipl sh $this tun0 tun1 tun2 tun3 sh $this lkm sh $this random @@ -422,15 +421,6 @@ bpf*) chown root.wheel bpf${unit} ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 35 0 - mknod ipnat c 35 1 - mknod ipstate c 35 2 - mknod ipauth c 35 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) unit=`expr $i : 'tun\(.*\)'` rm -f tun$unit diff --git a/src/etc/etc.mvme68k/MAKEDEV b/src/etc/etc.mvme68k/MAKEDEV index 0fa5a5e1..df3f0603 100644 --- a/src/etc/etc.mvme68k/MAKEDEV +++ b/src/etc/etc.mvme68k/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.29 2000/03/22 07:34:29 niklas Exp $ +# $OpenBSD: MAKEDEV,v 1.30 2001/05/30 02:11:20 deraadt Exp $ # # Copyright (c) 1990 The Regents of the University of California. # All rights reserved. @@ -33,7 +33,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $OpenBSD: MAKEDEV,v 1.29 2000/03/22 07:34:29 niklas Exp $ +# $OpenBSD: MAKEDEV,v 1.30 2001/05/30 02:11:20 deraadt Exp $ # # Device "make" file. Valid arguments: # all makes all known devices, including local devices, @@ -90,7 +90,7 @@ all) sh MAKEDEV tty00 tty01 tty02 tty03 sh MAKEDEV ttyw0 sh MAKEDEV sd0 sd1 sd2 sd3 sd4 sd5 sd6 sd7 sd8 sd9 - sh MAKEDEV vnd0 vnd1 pty0 cd0 ipl + sh MAKEDEV vnd0 vnd1 pty0 cd0 sh MAKEDEV bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 #sh MAKEDEV ccd0 ccd1 ccd2 ccd3 sh MAKEDEV tun0 tun1 lkm local @@ -398,15 +398,6 @@ bpf*) chown root.wheel bpf$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 39 0 - mknod ipnat c 39 1 - mknod ipstate c 39 2 - mknod ipauth c 39 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) unit=`expr $i : 'tun\(.*\)'` rm -f tun$unit diff --git a/src/etc/etc.mvme88k/MAKEDEV b/src/etc/etc.mvme88k/MAKEDEV index ed4548c5..6ad5db24 100644 --- a/src/etc/etc.mvme88k/MAKEDEV +++ b/src/etc/etc.mvme88k/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.10 2001/03/12 23:23:50 miod Exp $ +# $OpenBSD: MAKEDEV,v 1.11 2001/05/30 02:11:21 deraadt Exp $ # $NetBSD: MAKEDEV,v 1.5 1997/01/01 23:46:23 pk Exp $ # # Copyright (c) 1990 The Regents of the University of California. @@ -77,7 +77,7 @@ all) sh $this tty00 tty01 tty02 tty03 sh $this ttyw0 sh $this sd0 sd1 sd2 sd3 sd4 sd5 sd6 sd7 sd8 sd9 - sh $this vnd0 vnd1 pty0 cd0 ipl + sh $this vnd0 vnd1 pty0 cd0 sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 #sh $this ccd0 ccd1 ccd2 ccd3 sh $this tun0 tun1 lkm local @@ -340,15 +340,6 @@ lkm) chmod 640 lkm ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 39 0 - mknod ipnat c 39 1 - mknod ipstate c 39 2 - mknod ipauth c 39 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - local) umask 0 test -s MAKEDEV.local && sh MAKEDEV.local diff --git a/src/etc/etc.pc532/MAKEDEV b/src/etc/etc.pc532/MAKEDEV index e3aca0bf..9bad4358 100644 --- a/src/etc/etc.pc532/MAKEDEV +++ b/src/etc/etc.pc532/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.19 2000/03/22 08:34:16 niklas Exp $ +# $OpenBSD: MAKEDEV,v 1.20 2001/05/30 02:11:22 deraadt Exp $ # # Copyright (c) 1990 The Regents of the University of California. # All rights reserved. @@ -69,7 +69,7 @@ all) sh MAKEDEV std fd sd0 sd1 sd2 st0 st1 cd0 cd1 sh MAKEDEV tty0 tty1 tty2 tty3 tty4 tty5 tty6 tty7 sh MAKEDEV bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 - sh MAKEDEV tun0 tun1 tun2 lkm random ipl + sh MAKEDEV tun0 tun1 tun2 lkm random sh MAKEDEV ccd0 ccd1 ccd2 ccd3 sh MAKEDEV uk0 uk1 sh MAKEDEV ss0 @@ -282,15 +282,6 @@ bpf*) chown root.wheel bpf$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 19 0 - mknod ipnat c 19 1 - mknod ipstate c 19 2 - mknod ipauth c 19 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) unit=`expr $i : 'tun\(.*\)'` rm -f tun$unit diff --git a/src/etc/etc.pmax/MAKEDEV b/src/etc/etc.pmax/MAKEDEV index 43ae9b40..2641fe93 100644 --- a/src/etc/etc.pmax/MAKEDEV +++ b/src/etc/etc.pmax/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.35 2000/09/13 21:09:51 maja Exp $ +# $OpenBSD: MAKEDEV,v 1.36 2001/05/30 02:11:23 deraadt Exp $ # @(#)MAKEDEV 8.1 (Berkeley) 6/9/93 # @@ -117,7 +117,7 @@ all) # sh $this lkm local sh $this xfs0 sh $this fb0 fb1 fb2 - sh $this random ipl + sh $this random ;; raminst) @@ -180,15 +180,6 @@ bpf*) chown root.wheel bpf$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 91 0 - mknod ipnat c 91 1 - mknod ipstate c 91 2 - mknod ipauth c 91 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - #tun*) # unit=`expr $i : 'tun\(.*\)'` # rm -f tun$unit diff --git a/src/etc/etc.powerpc/MAKEDEV b/src/etc/etc.powerpc/MAKEDEV index 5397d414..d84d1456 100644 --- a/src/etc/etc.powerpc/MAKEDEV +++ b/src/etc/etc.powerpc/MAKEDEV @@ -1,5 +1,5 @@ #!/bin/sh - -# $OpenBSD: MAKEDEV,v 1.43 2001/04/10 03:03:52 brad Exp $ +# $OpenBSD: MAKEDEV,v 1.44 2001/05/30 02:11:24 deraadt Exp $ # # Copyright (c) 1990 The Regents of the University of California. # All rights reserved. @@ -153,7 +153,7 @@ all) sh $this vnd0 vnd1 vnd2 vnd3 sh $this ccd0 ccd1 ccd2 ccd3 sh $this raid0 raid1 raid2 raid3 - sh $this rd0 ipl + sh $this rd0 sh $this ttyC0 ttyCcfg sh $this tty00 tty01 tty02 tty03 pty0 pty1 sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 @@ -525,15 +525,6 @@ bpf*) chown root.wheel bpf${unit} ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 39 0 - mknod ipnat c 39 1 - mknod ipstate c 39 2 - mknod ipauth c 39 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) unit=${i##*[a-z]} rm -f tun$unit diff --git a/src/etc/etc.sparc/MAKEDEV b/src/etc/etc.sparc/MAKEDEV index 83167c89..2f666a69 100644 --- a/src/etc/etc.sparc/MAKEDEV +++ b/src/etc/etc.sparc/MAKEDEV @@ -1,5 +1,5 @@ #!/bin/sh - -# $OpenBSD: MAKEDEV,v 1.65 2001/05/14 07:51:41 deraadt Exp $ +# $OpenBSD: MAKEDEV,v 1.66 2001/05/30 02:11:25 deraadt Exp $ # # Copyright (c) 1990 The Regents of the University of California. # All rights reserved. @@ -86,7 +86,6 @@ # spif* spif card (makes 8 tty and 1 bpp) # bpp* bpp # xfs* XFS filesystem devices -# ipl IP filter log PATH=/sbin:/bin:/usr/bin:/usr/sbin this=$0 @@ -206,7 +205,6 @@ all) sh $this ccd0 ccd1 ccd2 ccd3 sh $this raid0 raid1 raid2 raid3 sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 - sh $this ipl sh $this bwtwo0 cgtwo0 cgthree0 cgfour0 cgsix0 sh $this cgeight0 cgfourteen0 tcx0 sh $this lkm random local @@ -337,15 +335,6 @@ bpf*) chown root.wheel bpf$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 59 0 - mknod ipnat c 59 1 - mknod ipstate c 59 2 - mknod ipauth c 59 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) rm -f tun$unit mknod tun$unit c 111 $unit diff --git a/src/etc/etc.sun3/MAKEDEV b/src/etc/etc.sun3/MAKEDEV index a6ca077c..b1d3b964 100644 --- a/src/etc/etc.sun3/MAKEDEV +++ b/src/etc/etc.sun3/MAKEDEV @@ -1,5 +1,5 @@ #!/bin/sh - -# $OpenBSD: MAKEDEV,v 1.33 2001/02/15 01:41:49 todd Exp $ +# $OpenBSD: MAKEDEV,v 1.34 2001/05/30 02:11:26 deraadt Exp $ # # Copyright (c) 1990 The Regents of the University of California. # All rights reserved. @@ -70,7 +70,6 @@ # tun* network tunnel driver # *random inkernal random data source # xfs* XFS filesystem devices -# ipl IP filter log PATH=/sbin:/bin:/usr/bin:/usr/sbin this=$0 @@ -187,7 +186,6 @@ all) sh $this pty0 vnd0 vnd1 vnd2 vnd3 tun0 tun1 tun2 tun3 sh $this ccd0 ccd1 ccd2 ccd3 sh $this bpf0 bpf1 bpf2 bpf3 bpf4 bpf5 bpf6 bpf7 bpf8 bpf9 - sh $this ipl sh $this bwtwo0 cgtwo0 cgfour0 sh $this random local sh $this xfs0 @@ -273,15 +271,6 @@ bpf*) chown root.wheel bpf$unit ;; -ipl) - rm -f ipl ipnat ipstate ipauth - mknod ipl c 75 0 - mknod ipnat c 75 1 - mknod ipstate c 75 2 - mknod ipauth c 75 3 - chown root.wheel ipl ipnat ipstate ipauth - ;; - tun*) rm -f tun$unit mknod tun$unit c 24 $unit diff --git a/src/etc/etc.vax/MAKEDEV b/src/etc/etc.vax/MAKEDEV index e1897498..9b705f1a 100644 --- a/src/etc/etc.vax/MAKEDEV +++ b/src/etc/etc.vax/MAKEDEV @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: MAKEDEV,v 1.27 2001/04/01 20:14:40 hugh Exp $ +# $OpenBSD: MAKEDEV,v 1.28 2001/05/30 02:11:27 deraadt Exp $ # $NetBSD: MAKEDEV,v 1.30 2000/01/21 12:28:29 tsutsui Exp $ # # @(#)MAKEDEV 8.1 (Berkeley) 6/9/93 @@ -92,7 +92,7 @@ ramdisk) std) rm -f console drum floppy crl csa1 csa2 tu0 tu1 g0 g1 g2 g3 rm -f kUmem kmem mem null zero tty klog ttyg[0-3] - rm -f stdin stdout stderr ksyms ipl ipnat ipstate ipauth + rm -f stdin stdout stderr ksyms mknod console c 0 0 mknod ttyg0 c 25 0 mknod ttyg1 c 25 1 @@ -115,11 +115,7 @@ std) mknod stdin c 53 0 ; chmod 666 stdin mknod stdout c 53 1 ; chmod 666 stdout mknod stderr c 53 2 ; chmod 666 stderr - mknod ipl c 42 0 ; chmod 600 ipl mknod ksyms c 50 0 ; chmod 640 ksyms ; chown root.kmem ksyms - mknod ipnat c 42 1 ; chmod 600 ipnat - mknod ipstate c 42 2 ; chmod 600 ipstate - mknod ipauth c 42 3 ; chmod 600 ipauth ;; fd) diff --git a/src/etc/ipf.rules b/src/etc/ipf.rules deleted file mode 100644 index 35e058b0..00000000 --- a/src/etc/ipf.rules +++ /dev/null @@ -1,11 +0,0 @@ -# $OpenBSD: ipf.rules,v 1.6 1997/11/04 08:39:32 deraadt Exp $ -# -# IP filtering rules. See the ipf(5) man page for more -# information on the format of this file, and /usr/share/ipf -# for example configuration files. -# -# Pass all packets by default. -# edit the ipfilter= line in /etc/rc.conf to enable IP filtering -# -pass in from any to any -pass out from any to any diff --git a/src/etc/ipnat.rules b/src/etc/ipnat.rules deleted file mode 100644 index 20e5a165..00000000 --- a/src/etc/ipnat.rules +++ /dev/null @@ -1,6 +0,0 @@ -# $OpenBSD: ipnat.rules,v 1.2 1999/05/08 16:33:10 jason Exp $ -# -# See /usr/share/ipf/nat.1 for examples. -# edit the ipnat= line in /etc/rc.conf to enable Network Address Translation - -#map ppp0 10.0.0.0/8 -> ppp0/32 portmap tcp/udp 10000:20000 diff --git a/src/etc/mtree/special b/src/etc/mtree/special index dec4f2c2..32e2535c 100644 --- a/src/etc/mtree/special +++ b/src/etc/mtree/special @@ -1,4 +1,4 @@ -# $OpenBSD: special,v 1.31 2001/03/16 15:39:08 millert Exp $ +# $OpenBSD: special,v 1.32 2001/05/30 02:11:29 deraadt Exp $ # $NetBSD: special,v 1.4 1996/05/08 21:30:18 pk Exp $ # @(#)special 8.2 (Berkeley) 1/23/94 # @@ -32,7 +32,6 @@ group type=file mode=0644 uname=root gname=wheel hosts type=file mode=0644 uname=root gname=wheel hosts.equiv type=file mode=0600 uname=root gname=wheel optional inetd.conf type=file mode=0644 uname=root gname=wheel -ipf.rules type=file mode=0644 uname=root gname=wheel optional kerberosIV type=dir mode=0755 uname=root gname=wheel optional ignore .. #kerberosIV host.random type=file mode=0600 uname=root gname=wheel optional diff --git a/src/etc/netstart b/src/etc/netstart index 7718072f..7cef40fc 100644 --- a/src/etc/netstart +++ b/src/etc/netstart @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: netstart,v 1.77 2001/03/13 21:15:09 deraadt Exp $ +# $OpenBSD: netstart,v 1.78 2001/05/30 02:11:08 deraadt Exp $ # Returns true if $1 contains only alphanumerics isalphanumeric() { @@ -27,14 +27,6 @@ fi # pick up option configuration . /etc/rc.conf -# Configure the IP filter before configuring network interfaces -if [ X"${ipfilter}" = X"YES" -a -f "${ipfilter_rules}" ]; then - echo 'configuring IP filter' - ipf -Fa -f ${ipfilter_rules} -else - ipfilter=NO -fi - # set the address for the loopback interface # it will also initialize IPv6 address for lo0 (::1 and others). ifconfig lo0 inet localhost @@ -281,11 +273,3 @@ EOF route -n add -net 224.0.0.0/4 -interface 127.0.0.1 -reject > /dev/null ;; esac - -# Configure NAT after configuring network interfaces -if [ "${ipnat}" = "YES" -a "${ipfilter}" = "YES" -a -f "${ipnat_rules}" ]; then - echo 'configuring NAT' - ipnat -CF -f ${ipnat_rules} -else - ipnat=NO -fi diff --git a/src/etc/newsyslog.conf b/src/etc/newsyslog.conf index 0e4cbb1f..6361fa12 100644 --- a/src/etc/newsyslog.conf +++ b/src/etc/newsyslog.conf @@ -1,4 +1,4 @@ -# $OpenBSD: newsyslog.conf,v 1.11 2000/09/22 14:25:40 millert Exp $ +# $OpenBSD: newsyslog.conf,v 1.12 2001/05/30 02:11:08 deraadt Exp $ # # configuration file for newsyslog # @@ -14,8 +14,6 @@ /var/log/wtmp 644 7 * 168 ZB /var/log/xferlog 640 7 250 * Z /var/log/ppp.log 640 7 250 * Z -# If you run ipmon w/o the -Ds flag you need to add "/var/run/ipmon.pid" here -/var/log/ipflog 640 7 * 24 Z # # Uncomment to rotate apache logs # diff --git a/src/etc/rc b/src/etc/rc index 9743922b..a34ed429 100644 --- a/src/etc/rc +++ b/src/etc/rc @@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.170 2001/05/15 21:28:43 deraadt Exp $ +# $OpenBSD: rc,v 1.171 2001/05/30 02:11:09 deraadt Exp $ # System startup script run by init on autoboot # or after single-user. @@ -184,10 +184,6 @@ if [ "X${named_flags}" != X"NO" ]; then echo 'starting named'; named $named_flags fi -if [ X"${ipfilter}" = X"YES" -a X"${ipmon_flags}" != X"NO" ]; then - echo 'starting ipmon'; ipmon ${ipmon_flags} -fi - # $photurisd_flags is imported from /etc/rc.conf; # If $photurisd_flags == NO or /etc/photuris/photuris.conf doesn't exist, then # photurisd isn't run. diff --git a/src/etc/rc.conf b/src/etc/rc.conf index 57f0b16a..7f19c1b1 100644 --- a/src/etc/rc.conf +++ b/src/etc/rc.conf @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: rc.conf,v 1.60 2001/05/23 16:32:03 aaron Exp $ +# $OpenBSD: rc.conf,v 1.61 2001/05/30 02:11:09 deraadt Exp $ # set these to "NO" to turn them off. otherwise, they're used as flags routed_flags=NO # for normal use: "-q" @@ -50,8 +50,6 @@ gated=NO kerberos_server=NO # kerberos server. run 'info kth-krb' for assistance. kerberos_slave=NO # kerberos slave server. amd=NO -ipfilter=NO -ipnat=NO # for "YES" ipfilter must also be "YES" portmap=YES # almost always needed inetd=YES # almost always needed lpd=NO # printing daemons @@ -72,9 +70,6 @@ yppasswdd_flags= # "-d /etc/yp" if passwd files are in /etc/yp nfsd_flags="-tun 4" # Crank the 4 for a busy NFS fileserver amd_dir=/tmp_mnt # AMD's mount directory amd_master=/etc/amd/master # AMD 'master' map -ipfilter_rules=/etc/ipf.rules # Rules for IP packet filtering -ipnat_rules=/etc/ipnat.rules # Rules for Network Address Translation -ipmon_flags=-Ds # To disable logging, use ipmon_flags=NO syslogd_flags= # add more flags, ie. "-u -a /chroot/dev/log" named_user=named # Named should not run as root unless necessary named_chroot=/var/named # Where to chroot named if not empty diff --git a/src/etc/syslog.conf b/src/etc/syslog.conf index 8ec070ad..ed07bee4 100644 --- a/src/etc/syslog.conf +++ b/src/etc/syslog.conf @@ -1,4 +1,4 @@ -# $OpenBSD: syslog.conf,v 1.7 2000/06/20 03:37:49 kjell Exp $ +# $OpenBSD: syslog.conf,v 1.8 2001/05/30 02:11:10 deraadt Exp $ # *.err;kern.debug;auth.notice;authpriv.none;mail.crit /dev/console @@ -11,7 +11,7 @@ daemon.info /var/log/daemon ftp.info /var/log/xferlog lpr.debug /var/log/lpd-errs mail.info /var/log/maillog -local0.info /var/log/ipflog +#local0.info /var/log/ipflog #uucp.info /var/log/uucp *.err root @@ -23,7 +23,7 @@ local0.info /var/log/ipflog # syslogd with the -u option on the remote host if you are using this. # (This is also required to log info from things like routers and # ISDN-equipment). If you run -u, you are vulnerable to syslog bombing, -# and should consider using ipf to block external syslog packets +# and should consider blocking external syslog packets #*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @loghost #kern.debug,user.info,syslog.info @loghost #auth.info,authpriv.debug,daemon.info @loghost